Which of the following should an information security manager do FIRST upon confirming a privileged...

[References: The CISM Review Manual 2023 states that “the information security manager is responsible for ensuring that the security configuration of information systems is in compliance with the security policies and standards of the organization” and that “the information security manager should monitor and review the security configuration of information systems on a regular basis and take corrective actions when deviations or violations are detected” (p. 138). The CISM Review Questions, Answers & Explanations Manual 2023 also provides the following rationale for this answer: “Enforcing the security configuration and requiring the change to be reverted is the correct answer because it is the most immediate and effective action to address the unauthorized modification and to maintain the security of the application” (p. 63). Additionally, the Effective Interactive Privileged Access Review article from the ISACA Journal 2018 states that “any unauthorized changes to the production environment should be reverted back to the original state and the incident should be reported to the appropriate authority” (p. 4)1., , , , , , , , ]